Question

You work at a company that is currently under a Distributed Denial of Services attack, performed by a very large botnet. You discover the vulnerability that would allow all of the bots attacking you to become compromised. You can use this vulnerability to clean these botnets or get them to stop listening to commands to attack you.

Would you perform these actions?

Is one more palatable to you than the other?

What code of ethics are you basing this decision on -- whether it's from your reading or whether it's your own personal code of ethics?

Answer 1

Botnets can be good or bad. In the given case, they represent carriers of malicious activity. If the attack continues, the business applications will get affected and it will also have an impact on the reputation of the brand. There is also unpredictability associated with their attacks which makes it more dangerous.

It is important to detect the vulnerabilities in them and then have a security team to evaluate the patterns used by them. AI algorithms can also be used to understand their behaviour. It will help in blocking them quickly and prevent any further complications in the system.

Code of ethics:

While performing any such security action, it is important to make sure that all the functions are carried out legally and with responsibility. Honor and honesty are also very important here. The knowledge one gains to protect the system and then the integrity of the profession matters. Having some advanced knowledge or expert support can be beneficial here in deciding how to carry out the security measure.